Microsoft has released Security Advisory 958963 to alert users that exploit code is publicly available for the Windows Server Service vulnerability addressed in Microsoft Security Bulletin MS08-067. The advisory states that this exploit code has demonstrated arbitrary code execution on Windows 2000, XP and Server 2003.
DarkFiber Consulting encourages users and administrators to review Microsoft Security Advisory 958963 and apply the update or workarounds listed in Microsoft Security Bulletin MS08-067 to help mitigate the risks.
Additional information regarding the Windows Server Service vulnerability is available in:
- Microsoft Security Bulletin MS08-067
- Vulnerability Note VU#827268
- Current Activity Entry – Microsoft Releases Out-of-Band Security Bulletin MS08-067